Application No. 09/893,736 



Atty. Docket No. 042390.P1 1033 
Examiner: Taghi T. Arani 
TC/A.U.2131 



IN THE CLAIMS: 

Please amend the claims as follows: 

1 (Currently Amended). A method for dynamically configuring a tunnel 
comprising: 

initiating, by a first peer, a negotiation with a second peer, the 
negotiation including a plurality of security configuration proposals; 

sending, by the second peer, information to the first peer; 

extracting, by the first peer, a security configuration selected from 
among the plurality of security configuration proposals from the information 
sent by the second peer; and 

establishing, using the security configuration, a tunnel between the first 
peer and the second peer, 

wherein the first peer orders the plurality of security configuration 
proposals such that a more secure security configuration proposal having a 
higher level of security is offered before a less secure security configuration 
proposal having a lesser level of security.

2 (Original). The method of claim 1, wherein the negotiation utilizes the 
configuration mode exchange extension of the IPSec protocol.

3 (Original). The method of claim 1, wherein the establishing a tunnel
includes conducting a phase 2 negotiation in the IPSec protocol.

4 (Original). The method of claim 1, further comprising initiating, by the first 
peer, a preliminary negotiation with the second peer. 

5 (Original). The method of claim 4, wherein the initiating a preliminary 
negotiation includes conducting a phase 1 negotiation in the IPSec protocol. 

6 (Currently Amended). A method for dynamically configuring a tunnel 
comprising: 

initiating, by a first peer, a negotiation with a second peer, the initiating 
comprising offering, by the first peer to the second peer, at least one security 
configuration proposal supported by the first peer, 

wherein the first peer orders offered security configuration proposals in 
a transmission packet such that a more secure security configuration proposal 
having a higher level of security is offered before a less secure security 
configuration proposal having a lesser level of security;

extracting, by the first peer, a selected security configuration from 
information sent by the second peer; and 

establishing, using the security configuration, a tunnel between the first 
peer and the second peer. 

7 (Original). The method of claim 6, wherein the tunnel is an IPSec tunnel.

8 (Original). The method of claim 6, wherein the negotiation utilizes the 
configuration mode exchange extension of the IPSec protocol. 

9 (Original). The method of claim 6, wherein the initiating comprises 
requesting, by the first peer, that the second peer send information, the 
information including policy information to define a subsequent negotiation 
between the first peer and the second peer. 

10 (Original). The method of claim 9, wherein the policy information defines 
one or more security associations. 

11 (Original). The method of claim 10, wherein the information sent by the
second peer comprises sets of attributes, the attributes including security 
parameters and network addresses. 

12 (Original). The method of claim 6, wherein the establishing a tunnel 
comprises negotiating, by the first peer with the second peer, to generate a 
secure key. 

13 (Original). The method of claim 12, wherein the negotiating to generate a
secure key includes conducting a phase 2 negotiation in the IPSec protocol.

14 (Original). The method of claim 6, wherein the establishing a tunnel 
utilizes the quick mode exchange of the IPSec protocol. 

15 (Original). The method of claim 6, wherein the IP address of the second 
peer is accessible to the first peer. 

16 (Original). The method of claim 15, wherein a shared secret is stored on 
the first peer before the negotiation. 

17 (Cancelled). 

18 (Cancelled). 

19 (Previously Presented). The method of claim 6, wherein the negotiation 
utilizes the base mode exchange extension of the IPSec protocol. 

20 (Previously Presented). The method of claim 6, wherein the initiating a 
negotiation further comprises sending, by the first peer to the second peer, the 
identity of the first peer. 

21 (Previously Presented). The method of claim 6, wherein the initiating a
negotiation includes conducting a phase 1 negotiation in the IPSec protocol.

22 (Previously Presented). The method of claim 6, wherein the negotiation 
utilizes one of main mode and aggressive mode of the IPSec protocol. 

23 (Currently Amended). A method for dynamically configuring a tunnel 
comprising: 

sending, by a second peer, information to a first peer that initiated a 
negotiation with the second peer, the information including a security 
configuration selected from among a plurality of security configuration 
proposals offered by the first peer; and 

establishing, using the security configuration, a tunnel between the first 
peer and the second peer, 

wherein the first peer orders the plurality of security configuration 
proposals such that a more secure security configuration proposal having a 
higher level of security is offered before a less secure security configuration 
proposal having a lesser level of security.

24 (Cancelled). 

25 (Currently Amended). A system for dynamically configuring a tunnel
comprising: 

a first peer; and 

a second peer configured to communicate with the first peer over a 
network connection, 

wherein the first peer is configured to initiate a negotiation with the 
second peer, wherein the negotiation includes a plurality of security 
configuration proposals; 

the second peer is configured to send information to the first peer, 

the first peer is configured to extract a security configuration selected 
from among the plurality of security configuration proposals from the 
information sent by the second peer, and 

the first peer and the second peer are configured to establish a tunnel 
therebetween using the security configuration,

wherein the first peer orders the plurality of security configuration 
proposals such that a more secure security configuration proposal having a 
higher level of security is offered before a less secure security configuration 
proposal having a lesser level of security.

26 (Original). The system of claim 25, wherein the tunnel is an IPSec tunnel. 

27 (Currently Amended). A computer-readable medium encoded with a 
plurality of processor-executable instruction sequences for:

initiating, by a first peer, a negotiation with a second peer, the 
negotiation including a plurality of security configuration proposals; 

extracting, by the first peer, a security configuration selected from 
among the plurality of security configuration proposals from information sent 
by the second peer; and 

establishing, using the security configuration, a tunnel between the first 
peer and the second peer, 

wherein the first peer orders the plurality of security configuration 
proposals such that a more secure security configuration proposal having a 
higher level of security is offered before a less secure security configuration 
proposal having a lesser level of security.

28 (Original). The computer-readable medium of claim 27, wherein the 
negotiation comprises a request/reply negotiation, wherein the first peer 
requests that the second peer send the information, and the second peer replies 
to the request by sending the information to the first peer. 

29 (Cancelled). 

30 (Cancelled). 

31-34 (Cancelled).